The SmartConsole CLI can be directly accessed from within SmartConsole by clicking the icon on the bottom left corner.

SmartConsole -> Management CLI:

Just add the required syntax to your IP addresses to create host objects and one host group for them. Copy & Paste this to your SmartConsole CLI in order to have a group containing all block IPs created. Then create a rule that blocks all access to this group. Done.

SAM rules does not need to create an object, you can add the IP addresses directly in the blocking rules, monitore them, and remove them.

However, SAM rules are CPU intensive. So you better use a traditionnal security policy rule and a group of hosts object. Sam rules should only be used in emergency conditions (as they do not need a policy installation to be added or removed), and IP block should be move to your security policy rule as fast as you confirm there is no false positive.

For SAM rules? The KB shows there is a cli comand "fw sam_policy" that you could use with a script to parse your inject everything. However, i would not recommand you to use SAM to block 2000 IP addresses when you can easily do it also with either mgmt_api or dbedit scripts depending on the version you are running.

All the given solution are script-capable or bulk by nature, so i do not catch you very well.

Excellent point about CPU implications Bruno. Very important for large and/or heavily loaded environments when every CPU % counts. Maybe Danny Jung could update original article with CPU impact for each of the options. Just for clarity